- Awareness of information assets
- Protection of assets possessed.
- Ensuring business continuity.
- Communicating with the related parties.
- Protecting information by means of a system and not leaving any chance for an attack.
- How to avoid legal proceedings.
- Classification of assets.
- Assessment of assets according to the criteria of confidentiality, integrity and accessibility.
- Carrying out risk analysis.
- Determination of controls which will be applied according to risk analysis outputs.
- Creating documentation.
- Implementing controls.
- Carry out internal audits.
- Keeping records.
- Review of management.
- Certification.
- The meaning of information security,
- Objective of standards,
- Security objectives and management of controls,
- Importance of the most critical controls,
- Effects of implementing ISO 27001 in an enterprise,
- ISO 27001 certification and commercial impacts,
- Penalties directed at inconsistencies with the law.